[blink-dev] Ready for Developer Testing: Local network access restrictions

Contact emailscth...@chromium.org Explainerhttps://github.com/explainers-by-googlers/local-network-access Specification https://docs.google.com/document/d/1n0kKxt9pS9qDlu_9i5W8IXA594r4pUOKmN9H35cZ8j0/edit?tab=t.0 Summary Restricts the ability to make requests to the user's local network, gated

[blink-dev] PSA: Changes to the fetch() option `targetAddressSpace`

Hello blink-dev@ -- As part of our work on Local Network Access restrictions (which is superseding a prior effort called Private Network Access ), we will be making some changes to the fetch opti

Re: [blink-dev] Intent to Prototype: Local network access restrictions

, 2025 at 12:39 PM Torne (Richard Coles) wrote: > > > On Thu, 6 Mar 2025 at 19:38, Chris Thompson wrote: > >> Contact emailscth...@chromium.org >> >> Explainerhttps://github.com/explainers-by-googlers/local-network-access >> >> SpecificationNot yet >>

[blink-dev] Intent to Prototype: Local network access restrictions

Contact emailscth...@chromium.org Explainerhttps://github.com/explainers-by-googlers/local-network-access SpecificationNot yet Summary Restricts the ability to make requests to the user's local network, gated behind a permission prompt. A local network request is any request from a public websi

Re: [blink-dev] Intent to Extend Deprecation Trial: Restrict "private network requests" for subresources from public websites to secure contexts.

Hi all -- As M132 has now branched I wanted to follow up here with an update on our plan going forward. We are choosing to allow this deprecation trial to expire and we will *not* be moving forward with these restrictions as currently proposed at this time. While we still want to remove the risk o

Re: [blink-dev] Intent to Ship: Ignore Strict-Transport-Security for localhost

I think this would be in Step 10 of Main Fetch (Step 5 is for Upgrade-Insecure-Requests): > > Set request’s current URL > ’s scheme > to "https" if all of > the following conditions are tru

Re: [blink-dev] Re: Intent to Ship: HTTPS Upgrades

nt of > time to land, please let us know. > > On Wed, Jul 19, 2023 at 9:02 PM Chris Harrelson > wrote: > >> LGTM2 with the same conditions as Daniel. Thanks also for following up >> with a summary before proceeding with rollout! >> >> On Wed, Jul 19, 2023

Re: [blink-dev] Re: Intent to Experiment: HTTPS Upgrades

eak). >> >> Thanks, >> -Caleb >> >> On Wednesday, July 12, 2023 at 1:06:55 AM UTC-4 Yoav Weiss wrote: >> >>> M115 experimentation LGTM >>> >>> On Tue, Jul 11, 2023, 22:53 Chris Thompson wrote: >>> >>>> Quick additional c

Re: [blink-dev] Re: Intent to Experiment: HTTPS Upgrades

Thanks, > -Caleb > > On Wednesday, July 12, 2023 at 1:06:55 AM UTC-4 Yoav Weiss wrote: > >> M115 experimentation LGTM >> >> On Tue, Jul 11, 2023, 22:53 Chris Thompson wrote: >> >>> Quick additional context for this intent: we have previously sent an

Re: [blink-dev] Re: Intent to Ship: HTTPS Upgrades

gt; /Daniel > On 2023-06-14 17:40, Yoav Weiss wrote: > > > > On Thursday, June 8, 2023 at 5:53:49 PM UTC+2 Chris Thompson wrote: > > On Wed, Jun 7, 2023 at 9:41 PM Yoav Weiss wrote: > > Thanks for working on this! > > On Wed, Jun 7, 2023 at 11:44 PM Chris Thompson &

[blink-dev] Re: Intent to Experiment: HTTPS Upgrades

com/whatwg/fetch/pull/1655> has not yet landed. On Tue, Jul 11, 2023 at 1:51 PM Chris Thompson wrote: > Contact emailscth...@chromium.org, dadr...@google.com > > Explainerhttps://github.com/dadrian/https-upgrade/blob/main/explainer.md > > Specificationhttps://github.com/w

[blink-dev] Intent to Experiment: HTTPS Upgrades

Contact emailscth...@chromium.org, dadr...@google.com Explainerhttps://github.com/dadrian/https-upgrade/blob/main/explainer.md Specificationhttps://github.com/whatwg/fetch/pull/1655 Summary Automatically and optimistically upgrade all main-frame navigations to HTTPS, with fast fallback to HTTP.

[blink-dev] Re: Intent to Ship: HTTPS Upgrades

t doesn't seem to make any difference (proxy is still getting >> a "CONNECT :443"). >> >> Note that our previous build (115.0.5790.32) does not do these upgrades, >> so I don't need any disable-feature switch for the m115 build. However, >> t

[blink-dev] Re: Intent to Ship: HTTPS Upgrades

Could you provide more information on what is occurring (or maybe better: file a bug at crbug.com/new with details and link it here)? That's the correct flag to force-disable the feature (you can also disable it during the experimental period in chrome://flags/#https-upgrades). Note that Chrome ha

Re: [blink-dev] Re: Intent to Ship: HTTPS Upgrades

On Wed, Jun 7, 2023 at 9:41 PM Yoav Weiss wrote: > Thanks for working on this! > > On Wed, Jun 7, 2023 at 11:44 PM Chris Thompson > wrote: > >> Thanks all. Some updates: >> >>- We have filed a TAG review request >><https://github.com/w3ctag

Re: [blink-dev] Re: Intent to Ship: HTTPS Upgrades

t mode, I'm excited to see this ship >>>> ASAP! >>>> >>>> On Wed, May 31, 2023, 5:29 a.m. 'Mike West' via blink-dev < >>>> blink-dev@chromium.org> wrote: >>>> >>>>> On Fri, May 26, 2023 at 1:32 AM Chris Thomps

Re: [blink-dev] Intent to Ship: HTTPS Upgrades

n Thu, May 25, 2023 at 9:49 AM Rik Cabanier wrote: > >> >> >> On Wed, May 24, 2023 at 4:43 PM Chris Thompson >> wrote: >> >>> We're planning to roll this out as a field trial, hopefully starting in >>> Chrome 115 at 1% Stable in order to keep an e

Re: [blink-dev] Intent to Ship: HTTPS Upgrades

To cabanier@: On Thu, May 25, 2023 at 7:49 AM Rik Cabanier wrote: > > > On Wed, May 24, 2023 at 4:43 PM Chris Thompson > wrote: > >> We're planning to roll this out as a field trial, hopefully starting in >> Chrome 115 at 1% Stable in order to keep an eye i

[blink-dev] Re: Intent to Ship: HTTPS Upgrades

On Thu, May 25, 2023 at 1:13 AM Chris Thompson > wrote: > >> Contact emailscth...@chromium.org, dadr...@google.com >> >> Explainerhttps://github.com/dadrian/https-upgrade/blob/main/explainer.md >> >> Specificationhttps://github.com/whatwg/fetch/pull/1655 >>

Re: [blink-dev] Intent to Ship: HTTPS Upgrades

n Wed, May 24, 2023 at 4:36 PM Rik Cabanier wrote: > This is an awesome change that will make the web better! > Did you run any experiments or origin trials to see how it works in the > field? Are you planning on rolling it out slowly to see the impact? > > On Wed, May 24

[blink-dev] Intent to Ship: HTTPS Upgrades

Contact emailscth...@chromium.org, dadr...@google.com Explainerhttps://github.com/dadrian/https-upgrade/blob/main/explainer.md Specificationhttps://github.com/whatwg/fetch/pull/1655 Summary Automatically and optimistically upgrade all main-frame navigations to HTTPS, with fast fallback to HTTP.

Re: [blink-dev] Intent to Deprecate and Remove: WebRTC's RTCStats of type "track" and "stream".

> Do we have trackable statistics on the usage of corporate policies? > ie if nobody uses the policy in 2 milestones, can we detect that and decide that it is not needed and delete it, or will we be as unsure as we are now? It is quite common in my experience to handle removals with an enterprise

Re: [blink-dev] Intent to Deprecate and Remove: WebSQL in non-secure contexts

I'll note that file:// URLs are considered secure contexts, which may be relevant for single-html-file apps -- see https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts#when_is_a_context_considered_secure On Thu, Dec 8, 2022 at 4:28 PM 'Ben Morss' via blink-dev < blink-dev@chromium

[blink-dev] Intent to Prototype: HTTPS Upgrades

Contact emailscth...@chromium.org, dadr...@chromium.org Explainerhttps://github.com/dadrian/https-upgrade/blob/main/explainer.md Specification Summary Automatically and optimistically upgrade all main-frame navigations to HTTPS, with fast fallback to HTTP. Blink componentInternals>Network

Re: [blink-dev] Intent to Remove: TLS 1.0 and TLS 1.1

Another update for this thread: We will be completing the final removal of support for TLS 1.0/1.1 in M-98, which is scheduled to ship to Stable channel in February 2022. This change will remove the bypassable interstitial warning and instead Chrome will refuse to connect and show a non-bypassable